CVE-2012-3988
published 2012-10-10CVE-2012-3988: Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and…
critical9.3CVSS 3.1
AVNACMAuNCCICAC
Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 might allow user-assisted remote attackers to execute arbitrary code via vectors involving use of mozRequestFullScreen to enter full-screen mode, and use of the history.back method for backwards history navigation.
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| mozilla | firefox | < 10.0.8 | 10.0.8 |
| mozilla | firefox | < 16.0 | 16.0 |
| mozilla | seamonkey | < 2.13 | 2.13 |
| mozilla | thunderbird | < 16.0 | 16.0 |
| mozilla | thunderbird_esr | < 10.0.8 | 10.0.8 |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_eus | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_workstation | — | — |
| redhat | enterprise_linux_workstation | — | — |
| suse | linux_enterprise_desktop | — | — |
| suse | linux_enterprise_desktop | — | — |
| suse | linux_enterprise_sdk | — | — |
| suse | linux_enterprise_server | — | — |
| suse | linux_enterprise_server | — | — |